Cirrusgo - A Fast Tool To Scan SAAS, PAAS App Written In Go


A fast tool to scan SAAS,PAAS App written in Go

SAAS App Support :

  • salesforce
  • contentful (next version)

Note flag -o output not working

install : golang 1.18Ver

go install -v github.com/Ph33rr/cirrusgo/cmd/[email protected]orgo install -v github.com/Ph33rr/CirrusGo/cmd/[email protected]


Help:

cirrusgo --help
  ______ _                           ______ / ____/(_)_____ _____ __  __ _____ / ____/____/ /    / // ___// ___// / / // ___// / __ / __ \/ /___ / // /   / /   / /_/ /(__  )/ /_/ // /_/ /\____//_//_/   /_/    \__,_//____/ \____/ \____/ v0.0.1cirrusgo --help-u, --url <URL>           Define single URL to fuzz-l, --list		  Show App List-c, --check               only check endpoint-V, --version             Show current version-h, --help                Display its help[cirrusgo [app] [options] ..]cirrusgo salesforce --help-u, --url <URL>           Define single URL-c, --check               only check endpoint-lobj, --listobj          pull the object list.-gobj --getobj            pull the object.-obj --objects            set the object name. Default value is "User" object.                          Juicy Objects: Case,Account,User,Contact,Document,Cont                             entDocument,ContentVersion,ContentBody,CaseComment,Not                          e,Employee,Attachment,EmailMessage,CaseExternalDocumen                          t,Attachment,Lead,Name,EmailTemplate,EmailMessageRelation-gre --getrecord          pull the Record id.-re --recordid            set the recode id to dump the record-cw --chkWritable         check all Writable objects-f, --full                dump all pages of objects.--dump-H, --header <HEADER>     Pass custom header to target-proxy, --proxy <URL>     Use proxy to fuzz-o, --output <FILE>       File to save results[flags payload][command: cirrusgo salesforce --payload options]-payload, --payload      Generator payload for test manual Default "ObjectList"GetItems                -obj set object                        -page set page                        -pages set pageSizeGetRecord 	           -re set recoder id WritableOBJ             -obj set object  SearchObj               -obj set object                         -page set page                        -pages set pageSizeAuraContext             -fwuid set UID                         -App set AppName                        -markup set markup                        ObjectList               no optionsDump                     no options		 -h, --help               Display its help 

Example :

cirrusgo salesforce -u https://loclhost -gobj

dump:

cirrusgo salesforce -u https://localhost/ -f

check Writable Objects:

cirusgo salesforce -u https://localhost/ -cw




Source: www.kitploit.com
Cirrusgo - A Fast Tool To Scan SAAS, PAAS App Written In Go Cirrusgo - A Fast Tool To Scan SAAS, PAAS App Written In Go Reviewed by Zion3R on 6:17 AM Rating: 5